﻿<?php
include 'conn_mysql.php';
// NOTE(review): this file appears to start with a UTF-8 byte-order mark ahead of the opening tag.
// Unless output buffering is enabled, those bytes are sent before session_start() can emit its headers.
session_start();

// The action selector comes from the request; the other two values are read from the session.
$bigtype   = $_REQUEST['bigtype'];
$openid    = $_SESSION['openid'];
$id_difang = $_SESSION['id_difang'];

// Share reward: work out the referrer's user id.
// A value already stored in the session wins; otherwise the request parameter is taken and
// remembered in the session (empty string when neither is present).
// NOTE(review): user_pid is caller-supplied and is not validated here before it is stored.
$user_pid = $_SESSION['user_pid'];
if (!$user_pid)
{
	$user_pid = $_REQUEST['user_pid'] ? $_REQUEST['user_pid'] : $_SESSION['user_pid'];
	$_SESSION['user_pid'] = $user_pid ? $user_pid : '';
}

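if($user_pid&&$openid)
{
	// Record one share-reward row per (openid, id_difang) pair, unless the visitor is the referrer.
	// Every value placed into SQL is escaped first: user_pid can come straight from the request,
	// and the session values are themselves written from request data elsewhere in this file.
	$share_openid    = mysql_real_escape_string($openid);
	$share_id_difang = mysql_real_escape_string($id_difang);
	$share_user_pid  = mysql_real_escape_string($user_pid);

	$sql="SELECT * FROM `ecs_share_url` WHERE openid='".$share_openid."' and id_difang='".$share_id_difang."'";
	$query = mysql_query($sql);

	$row = mysql_fetch_array($query);
	if(!$row)
	{
		$sql="SELECT user_id,user_name FROM `ecs_users` WHERE openid='".$share_openid."'";
		$query = mysql_query($sql);

		$row = mysql_fetch_array($query);
		// Skip the reward when the visitor is the referrer.
		// NOTE(review): when no ecs_users row matches, $row[0] is empty and the insert still runs — confirm intended.
		if($row[0]!=$user_pid)
		{
			$add_pay_points=10;
			$now_time=time();
			$sql="insert into ecs_share_url(`id_difang`,`user_pid`,`openid`,`ctime`,`status`,`add_pay_points`) values('$share_id_difang','$share_user_pid','$share_openid','$now_time',1,'$add_pay_points')";
			$query = mysql_query($sql);
		}
	}
}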

include_once 'conn_login.php';



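// Tour sign-up, step 1: create the main order row for the logged-in user.
if($bigtype==1){
	// $user_id is not assigned anywhere in this file; presumably conn_login.php sets it — confirm.
	if(!$user_id)
	{
		echo '{"code":"0002","reason":"请登录！"}';
		exit;
	}

	// Request and session values are escaped before they are placed inside SQL string literals.
	// NOTE(review): if an include already escapes request data, remove one layer to avoid double escaping.
	$textarea=mysql_real_escape_string($_REQUEST['textarea']);
	$banqi=mysql_real_escape_string($_REQUEST['banqi']);
	$order_openid=mysql_real_escape_string($openid);
	$order_id_difang=mysql_real_escape_string($id_difang);
	$order_user_id=mysql_real_escape_string($user_id);
	$issuetime=date('Y-m-d H:i:s');

	$sql="INSERT INTO `main_user`(`openid`,`textarea`,`banqi`,`id_difang`,`issuetime`,`user_id`) VALUES ('$order_openid','$textarea','$banqi','$order_id_difang','$issuetime','$order_user_id')";
	$query = mysql_query($sql);

	// Look up the id assigned to the order and remember it in the session.
	// NOTE(review): this walks every order of the openid with no ORDER BY and keeps the last row returned;
	// if id_self is the auto-increment key, mysql_insert_id() would identify the new row directly — confirm.
	$sql="select * from `main_user` where openid='$order_openid'";
	$query = mysql_query($sql);
	while($row = mysql_fetch_array($query)){
		$id_main=$row['id_self'];
		$_SESSION['id_main']=$id_main;
	}

	echo '{"code":"0001","reason":"订单上传成功！"}';
	exit;
}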
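// Tour sign-up, step 2: add or update one accompanying traveller on the current order.
if($bigtype==2){
	// $id_main and $user_id are not assigned in this branch; presumably they come from
	// conn_login.php — confirm.
	$main_id=mysql_real_escape_string($id_main);

	// Orders that are already paid or cancelled may not be edited.
	$is_zhifu=0;
	$sql="select id_self,is_zhifu from main_user where id_self='$main_id' ";
	$query = mysql_query($sql);
	while($row = mysql_fetch_array($query)){
		$this_id_self=$row['id_self'];
		$is_zhifu=$row['is_zhifu'];
	}
	if($is_zhifu>0)
	{
		echo "<SCRIPT>alert('订单已支付或已取消无法操作');window.history.go(-1);</SCRIPT>";
		exit;
	}

	// Traveller fields from the request, escaped for use inside SQL string literals.
	// NOTE(review): if an include already escapes request data, remove one layer to avoid double escaping.
	$id_fu=$_REQUEST['id_fu'];
	$id_fu_sql=mysql_real_escape_string($id_fu);
	$name=mysql_real_escape_string($_REQUEST['name']);
	$phone=mysql_real_escape_string($_REQUEST['phone']);
	$idcode=mysql_real_escape_string($_REQUEST['idcode']);
	$choose=mysql_real_escape_string($_REQUEST['choose']);
	$owner_id=mysql_real_escape_string($user_id);

	if(strlen($id_fu)==0 &&$user_id){
		// No traveller id supplied: insert a new row.
		$sql="INSERT INTO `fu_user`(`name`, `phone`, `idcode`, `choose`,`id`,`user_id`) VALUES ('$name','$phone','$idcode','$choose','$main_id','$owner_id')";
	}else{
		// Traveller id supplied: update that row.
		// NOTE(review): the row is selected by the request's id_fu alone; nothing ties it to the current
		// user or order, and this branch also runs when $user_id is empty. Add an ownership condition.
		$sql="UPDATE `fu_user` SET `name`='$name',`phone`='$phone',`idcode`='$idcode',`choose`='$choose' WHERE id_fu='$id_fu_sql'";
	}
	$query = mysql_query($sql);

	// Read back the ids of the traveller row.
	// NOTE(review): matching on name and phone only can return a row that belongs to another order.
	$sql="select * from `fu_user` where name='$name' and phone='$phone'";
	$query = mysql_query($sql);
	while($row = mysql_fetch_array($query)){
		$id=$row['id'];
		$id_fu=$row['id_fu'];
	}

	// Dynamic values are JSON-encoded so a request-supplied id_fu cannot break out of the string.
	$json_flags=JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT;
	echo '{"code":"0001",';
	echo '"id":'.json_encode(isset($id)?(string)$id:'',$json_flags).',';
	echo '"id_fu":'.json_encode((string)$id_fu,$json_flags).',';
	echo '"reason":"该用户的数据上传成功！"}';
	exit;
}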
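// Delete one accompanying traveller.
if($bigtype==3){
	// id_fu is used unquoted in the statement, so it is forced to an integer first.
	$id_fu=intval($_REQUEST['id_fu']);
	$id=$_REQUEST['id'];

	// NOTE(review): the row is chosen by the request's id_fu alone; no login or ownership check is
	// visible in this branch. Restrict the delete to rows owned by the current user.
	$sql="DELETE FROM `fu_user` WHERE id_fu=$id_fu";
	$query = mysql_query($sql);

	// The echoed id comes from the request, so it is JSON-encoded rather than concatenated.
	$json_flags=JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT;
	echo '{"code":"0001","id":'.json_encode((string)$id,$json_flags).'}';
	exit;
}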
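// Store the single-room supplement count on the current order.
if($bigtype==4){
	// Escape the request value and the order id before they enter the SQL string.
	// $id_main is not assigned in this branch; presumably it comes from conn_login.php — confirm.
	$num=mysql_real_escape_string($_REQUEST['num']);
	$main_id=mysql_real_escape_string($id_main);

	$sql="UPDATE `main_user` SET `num`='$num' WHERE id_self='$main_id'";
	$query = mysql_query($sql);

	// NOTE(review): $id is not assigned in this branch, so the response normally carries an empty id.
	$json_flags=JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT;
	echo '{"code":"0001","id":'.json_encode(isset($id)?(string)$id:'',$json_flags).'}';
	exit;

}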
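// Count the travellers signed up for one departure date of one destination.
if($bigtype==5){
	// Both filters come from the request and are escaped before use.
	$id_difang=mysql_real_escape_string($_REQUEST['id_difang']);
	$banqi=mysql_real_escape_string($_REQUEST['banqi']);

	$renshu=0;
	// Paid orders (is_zhifu = 1) issued within the last 365 days.
	$sql="SELECT * FROM `main_user` WHERE id_difang='$id_difang' and banqi='$banqi' and TIMESTAMPDIFF(day,issuetime,now())<365 and is_zhifu='1'";
	$query = mysql_query($sql);
	while($row = mysql_fetch_array($query)){
		// Add the number of traveller rows attached to this order.
		$sql2="SELECT * FROM `fu_user` WHERE id='".mysql_real_escape_string($row['id_self'])."'";
		$query2 = mysql_query($sql2);
		$renshu=$renshu+mysql_num_rows($query2);
	}

	echo '{"code":"0001","renshu":"'.intval($renshu).'"}';
	exit;

}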
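// Check a phone number / password pair and mark the session as logged in.
if($bigtype==6){
	$mima=$_REQUEST['mima'];
	$phone=$_REQUEST['phone'];

	// NOTE(review): the phone is written to the session before the password is checked, and other
	// branches of this file use $_SESSION['phone'] to select the account they update.
	$_SESSION['phone'] = $phone;

	// Escape the phone number before it enters either query.
	$phone_sql=mysql_real_escape_string($phone);

	// Fetch the per-user salt.
	// NOTE(review): the two different failure messages below reveal whether a number is registered.
	$sql="SELECT * FROM `ecs_users` WHERE mobile_phone='$phone_sql'";
	$query = mysql_query($sql);
	if(mysql_num_rows($query)<1){
		echo "<SCRIPT>alert('手机号不存在，请检查输入是否有误！');window.location.href='log_the2.php';</SCRIPT>";
		exit;
	}
	while($row = mysql_fetch_array($query)){
		$ec_salt=$row['ec_salt'];
	}

	// Stored format is md5(md5(password) . salt).
	// NOTE(review): salted MD5 is fast to brute-force; migrating to password_hash()/password_verify()
	// needs a schema and login-flow change outside this block.
	$password=md5(md5($mima).$ec_salt);

	// Does the phone/password pair match a row?
	$sql="SELECT * FROM `ecs_users` WHERE mobile_phone='$phone_sql' and password='$password'";
	$query = mysql_query($sql);
	if(mysql_num_rows($query)<1){
		// No match.
		echo "<SCRIPT>alert('密码错误，请重试！');window.location.href='log_the2.php';</SCRIPT>";
	}else{
		// Issue a fresh session id at the privilege change so a pre-login id is not carried over.
		session_regenerate_id(true);
		$_SESSION['is_log_in'] = '1';// logged-in marker
		echo "<SCRIPT>window.location.href='log_gerenzhongxing1.php';</SCRIPT>";
	}
}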

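// Registration: send a verification code by SMS to a phone number that is not yet registered.
if($bigtype==8){
	$phone=$_REQUEST['phone'];
	$phone_sql=mysql_real_escape_string($phone);

	// Is the number already registered?
	$sql="SELECT * FROM `ecs_users` WHERE mobile_phone='$phone_sql'";
	$query = mysql_query($sql);
	if(mysql_num_rows($query)>0){
		// Already registered.
		echo "<SCRIPT>alert('该手机号码已被注册，请直接登录！');window.location.href='log_the2.php';</SCRIPT>";
	}else{
		// Not registered: generate a four-digit code and keep it in the session for the later check.
		// NOTE(review): rand() is not a cryptographic generator and the code space is only 9000 values;
		// nothing in this branch limits how often a code can be requested, and the destination number
		// is not stored next to the code.
		$identifying_code=rand(1000,9999);
		$_SESSION['identifying_code']=$identifying_code;

		$content="【驴行天下】您的注册验证码是：".$identifying_code."，为了您的账户安全，请在使用后及时删除。";

		// SMS gateway endpoint.
		// NOTE(review): the gateway account and password are hard-coded in source and are posted over
		// plain HTTP; move them to configuration outside the web root and rotate them.
		$url = "http://xtx.telhk.cn:8080/sms.aspx";
		$data=array(
			'action'=>"send",
			'userid'=>"6678",
			'account'=>"zzga2016",
			'password'=>"jx798798",
			'mobile'=>$phone,
			'content'=>$content,// SMS text
			'sendTime'=>"",// empty means send immediately
			'taskName'=>"",// optional task description
			'checkcontent'=>"1",
			'mobilenumber'=>"1",
			'countnumber'=>"1",
			'telephonenumber'=>"1",
		);

		$httpstr =http($url, $data, 'POST');

		// The phone number is request data: URL-encode it before it is written into the script string.
		echo "<SCRIPT>window.location.href='log_the_zhuci_1.php?phone=".rawurlencode($phone)."';</SCRIPT>";

	}
}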
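// Registration: check the SMS code and attach the phone number to the current openid.
if($bigtype==9){
	$yanzhengma=$_REQUEST['yanzhengma'];
	$phone=$_REQUEST['phone'];
	// The phone number is request data: URL-encode it before it is written into script strings.
	$phone_url=rawurlencode($phone);

	// A code must actually have been issued; two empty strings must not count as a match.
	$expected_code=isset($_SESSION['identifying_code'])?(string)$_SESSION['identifying_code']:'';

	// NOTE(review): the code is not tied to the number it was sent to — the phone used below is the one
	// in this request. Store the destination number with the code and compare both.
	if($expected_code!=='' && (string)$yanzhengma===$expected_code){
		// Code accepted: make it single-use.
		unset($_SESSION['identifying_code']);
		$_SESSION['phone']=$phone;

		// Set the phone number on the account identified by the session openid.
		// Skipped when the session has no openid, so rows with an empty openid are not all rewritten.
		$session_openid=isset($_SESSION['openid'])?(string)$_SESSION['openid']:'';
		if($session_openid!==''){
			$sql="UPDATE `ecs_users` SET `mobile_phone`='".mysql_real_escape_string($phone)."' where openid='".mysql_real_escape_string($session_openid)."'";
			$query = mysql_query($sql);
		}

		echo "<SCRIPT>window.location.href='log_gerenzhongxing1.php?phone=$phone_url';</SCRIPT>";
	}else{
		// Code rejected.
		echo "<SCRIPT>alert('验证码错误！');window.location.href='log_the_zhuci_1.php?phone=$phone_url';</SCRIPT>";
	}

}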
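// Registration: create the account row and record the sign-up bonus.
if($bigtype==10){
	$phone=$_REQUEST['phone'];
	$user_name=$_REQUEST['user_name'];
	$password=$_REQUEST['password'];
	$password1=$_REQUEST['password1'];
	$xingbie=$_REQUEST['xingbie'];
	// The phone number is request data: URL-encode it before it is written into script strings.
	$phone_url=rawurlencode($phone);

	if(strlen($user_name)==0 or strlen($password)==0 or strlen($xingbie)==0){
		echo "<SCRIPT>alert('昵称或者密码不允许为空！');window.location.href='log_the_zhuci_2.php?phone=$phone_url';</SCRIPT>";
		exit;
	}
	// Strict comparison: loose == treats numeric-looking strings such as "1e3" and "1000" as equal.
	if((string)$password!==(string)$password1){
		echo "<SCRIPT>alert('前后两次输入的密码不匹配！请从新输入。');window.location.href='log_the_zhuci_2.php?phone=$phone_url';</SCRIPT>";
		exit;
	}
	if(strlen($password)<6){
		echo "<SCRIPT>alert('密码应不少于6位！');window.location.href='log_the_zhuci_2.php?phone=$phone_url';</SCRIPT>";
		exit;
	}

	// Escape every request value before it enters SQL.
	// NOTE(review): if an include already escapes request data, remove one layer to avoid double escaping.
	$phone_sql=mysql_real_escape_string($phone);
	$user_name_sql=mysql_real_escape_string($user_name);
	$password_sql=mysql_real_escape_string($password);
	$xingbie_sql=mysql_real_escape_string($xingbie);

	// Create the account.
	// NOTE(review): the password is stored as submitted, unhashed, and the phone number is taken from the
	// request rather than from the number verified by SMS. The login branch of this file reads
	// ecs_users.password, not this table — confirm which store is authoritative.
	$sql="INSERT INTO `admin_user`(`user_name`, `phone`, `mima`,`lvbi`,`xingbie`) VALUES ('$user_name_sql','$phone_sql','$password_sql','10','$xingbie_sql')";
	$query = mysql_query($sql);

	// Record how the sign-up bonus was earned.
	$sql="INSERT INTO `lvbi_huoqv`(`phone`, `huoqv_tujing`, `how_much`) VALUES ('$phone_sql','注册获取','10')";
	$query = mysql_query($sql);

	echo "<SCRIPT>window.location.href='log_gerenzhongxing1.php?phone=$phone_url';</SCRIPT>";
}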
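// Change the nickname of the account identified by the session.
if($bigtype==11){
	// NOTE(review): if an include already escapes request data, remove one layer to avoid double escaping.
	$name=mysql_real_escape_string($_REQUEST['name']);

	$phone=$_SESSION['phone'];
	$openid=$_SESSION['openid'];

	// The openid takes precedence over the phone number when both are present.
	// NOTE(review): $_SESSION['phone'] and $_SESSION['openid'] can be set from request data by other
	// branches of this file, so they are not proof of who the caller is.
	$sql=null;
	if(strlen($phone)!=0){
		$sql="UPDATE `ecs_users` SET `user_name`='$name' WHERE mobile_phone='".mysql_real_escape_string($phone)."'";
	}
	if(strlen($openid)!=0){
		$sql="UPDATE `ecs_users` SET `user_name`='$name' WHERE openid='".mysql_real_escape_string($openid)."'";
	}
	// Run a statement only when one was built here; otherwise whatever an earlier step left in $sql
	// would be executed again.
	if($sql!==null){
		$query = mysql_query($sql);
	}

	echo "<SCRIPT>window.location.href='log_gerenzhongxing1.php';</SCRIPT>";

}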
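// Change the sex field of the account identified by the session.
if($bigtype==12){
	$xingbie=mysql_real_escape_string($_REQUEST['xingbie']);

	$phone=$_SESSION['phone'];
	$openid=$_SESSION['openid'];

	// The openid takes precedence over the phone number when both are present.
	// NOTE(review): $_SESSION['phone'] and $_SESSION['openid'] can be set from request data by other
	// branches of this file, so they are not proof of who the caller is.
	$sql=null;
	if(strlen($phone)!=0){
		$sql="UPDATE `ecs_users` SET `sex`='$xingbie' WHERE mobile_phone='".mysql_real_escape_string($phone)."'";
	}
	if(strlen($openid)!=0){
		$sql="UPDATE `ecs_users` SET `sex`='$xingbie' WHERE openid='".mysql_real_escape_string($openid)."'";
	}
	// Run a statement only when one was built here; otherwise whatever an earlier step left in $sql
	// would be executed again.
	if($sql!==null){
		$query = mysql_query($sql);
	}

	echo "<SCRIPT>window.location.href='log_gerenzhongxing2.php';</SCRIPT>";

}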
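// Change the password after checking the old one.
if($bigtype==13){
	$old_mima=$_REQUEST['old_mima'];
	$new_mima=$_REQUEST['new_mima'];
	$phone=$_REQUEST['phone'];
	// The phone number is request data: escape it for SQL and URL-encode it for script strings.
	$phone_sql=mysql_real_escape_string($phone);
	$phone_url=rawurlencode($phone);

	if(strlen($new_mima)<6){
		echo "<SCRIPT>alert('新密码需超过6位数字或字母组成，修改密码失败！');window.location.href='log_gerenzhongxing2.php?phone=$phone_url';</SCRIPT>";
		exit;
	}

	// Fetch the per-user salt.
	$sql="SELECT * FROM `ecs_users` WHERE mobile_phone='$phone_sql'";
	$query = mysql_query($sql);
	if(mysql_num_rows($query)<1){
		echo "<SCRIPT>alert('手机号不存在，请检查输入是否有误！');window.location.href='log_the2.php';</SCRIPT>";
		exit;
	}
	while($row = mysql_fetch_array($query)){
		$ec_salt=$row['ec_salt'];
	}

	// Hash the submitted old password the same way the login branch does.
	// The original hashed an unset $mima and never used the result.
	$password=md5(md5($old_mima).$ec_salt);

	// Check the old password against the stored hash. The original compared mobile_phone with the raw
	// old password; this uses the same columns as the login check.
	$sql="SELECT * FROM `ecs_users` WHERE mobile_phone='$phone_sql' and password='$password'";
	$query = mysql_query($sql);
	if(mysql_num_rows($query)<1){
		// Old password wrong.
		echo "<SCRIPT>alert('旧密码错误，修改密码失败！');window.location.href='log_gerenzhongxing2.php?phone=$phone_url';</SCRIPT>";
		exit;
	}
	// Store the new password.
	// NOTE(review): this writes the new password unhashed into admin_user.mima, while the login check
	// in this file reads ecs_users.password. As written the change does not affect login; confirm the
	// intended table and store a hash instead of the raw value.
	$sql="UPDATE `admin_user` SET `mima`='".mysql_real_escape_string($new_mima)."' WHERE phone='$phone_sql'";
	$query = mysql_query($sql);
	echo "<SCRIPT>alert('修改密码成功！');window.location.href='log_gerenzhongxing2.php?phone=$phone_url';</SCRIPT>";
}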
// Remember the phone number from the request in the session, then go to the password-reset form.
// NOTE(review): the number is stored without any verification, and other branches of this file use
// $_SESSION['phone'] to choose which account row to update.
if($bigtype==14){
	$_SESSION['phone'] = $phone = $_REQUEST['phone'];

	echo "<SCRIPT>window.location.href='log_the2.php?bigtype=2';</SCRIPT>";
}

// Password reset: send a verification code by SMS to the phone number in the request.
if($bigtype==15){
	$_SESSION['phone'] = $phone = $_REQUEST['phone'];// keep the phone number in the session

	// Four-digit numeric code, kept in the session for the later check.
	// NOTE(review): rand() is not a cryptographic generator and the code space is only 9000 values;
	// nothing in this branch limits how often a code can be requested.
	$_SESSION['genhuan_yanzma'] = $genhuan_yanzma = rand(1000,9999);

	$content="【驴行天下】账户重置密码验证码是：{$genhuan_yanzma}，为了您的账户安全，请在使用后及时删除。";

	// SMS gateway endpoint.
	// NOTE(review): the gateway account and password are hard-coded in source and are posted over plain
	// HTTP; move them to configuration outside the web root and rotate them.
	$url = "http://xtx.telhk.cn:8080/sms.aspx";
	// Request parameters, written into $data key by key in this order.
	$sms_fields = array(
		'action'          => "send",
		'userid'          => "6678",
		'account'         => "zzga2016",
		'password'        => "jx798798",
		'mobile'          => $phone,
		'content'         => $content,// SMS text
		'sendTime'        => "",// empty means send immediately
		'taskName'        => "",// optional task description
		'checkcontent'    => "1",
		'mobilenumber'    => "1",
		'countnumber'     => "1",
		'telephonenumber' => "1",
	);
	foreach ($sms_fields as $field => $value) {
		$data[$field] = $value;
	}

	$httpstr = http($url, $data, 'POST');
	echo '{"code":"0001"}';
	exit;

}
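// Password reset: check the SMS code, store the new password hash and log the session in.
if($bigtype==16){
	$phone=$_REQUEST['phone'];// account to reset, taken from the request
	$phone_sql=mysql_real_escape_string($phone);

	$mima = $_REQUEST['mima'];
	// NOTE(review): the new password is kept in the session in clear text; drop this unless another
	// page really needs it. No minimum length is enforced here, unlike the other password branches.
	$_SESSION['mima'] = $mima;

	$yanzhengma = $_REQUEST['yanzhengma'];

	// A code must actually have been issued; two empty strings must not count as a match.
	$expected_code=isset($_SESSION['genhuan_yanzma'])?(string)$_SESSION['genhuan_yanzma']:'';

	// NOTE(review): the code is not tied to the number it was sent to — the account reset below is the
	// one named in this request. Store the destination number with the code and compare both.
	if($expected_code==='' || (string)$yanzhengma!==$expected_code){
		echo "<SCRIPT>alert('验证码错误，重置密码失败！');window.location.href='log_the2.php?bigtype=2';</SCRIPT>";
		exit;
	}
	// Code accepted: make it single-use.
	unset($_SESSION['genhuan_yanzma']);

	// Fetch the per-user salt.
	$sql="SELECT * FROM `ecs_users` WHERE mobile_phone='$phone_sql'";
	$query = mysql_query($sql);
	if(mysql_num_rows($query)<1){
		echo "<SCRIPT>alert('手机号不存在，请检查输入是否有误！');window.location.href='log_the2.php';</SCRIPT>";
		exit;
	}
	while($row = mysql_fetch_array($query)){
		$ec_salt=$row['ec_salt'];
	}
	// Stored format is md5(md5(password) . salt); the hex digest needs no further escaping.
	$password=md5(md5($mima).$ec_salt);

	// Store the new hash.
	$sql="UPDATE `ecs_users` SET `password`='$password' where mobile_phone='$phone_sql'";
	$query = mysql_query($sql);

	// Go to the user centre with a fresh session id at the privilege change.
	session_regenerate_id(true);
	$_SESSION['is_log_in'] = '1';// logged-in marker
	echo "<SCRIPT>window.location.href='log_gerenzhongxing1.php';</SCRIPT>";
}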
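// Change the ID-card number of the account identified by the session.
if($bigtype==17){
	$shenfen_ID=mysql_real_escape_string($_REQUEST['shenfen_ID']);

	$phone=$_SESSION['phone'];
	$openid=$_SESSION['openid'];

	// The openid takes precedence over the phone number when both are present.
	// NOTE(review): $_SESSION['phone'] and $_SESSION['openid'] can be set from request data by other
	// branches of this file, so they are not proof of who the caller is.
	$sql=null;
	if(strlen($phone)!=0){
		$sql="UPDATE `ecs_users` SET `shenfen_ID`='$shenfen_ID' WHERE mobile_phone='".mysql_real_escape_string($phone)."'";
	}
	if(strlen($openid)!=0){
		$sql="UPDATE `ecs_users` SET `shenfen_ID`='$shenfen_ID' WHERE openid='".mysql_real_escape_string($openid)."'";
	}
	// Run a statement only when one was built here; otherwise whatever an earlier step left in $sql
	// would be executed again.
	if($sql!==null){
		$query = mysql_query($sql);
	}

	echo "<SCRIPT>window.location.href='log_gerenzhongxing2.php';</SCRIPT>";

}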
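// Change the remark text on the current order.
if($bigtype==18){
	// Escape the request value and the order id before they enter the SQL string.
	// $id_main is not assigned in this branch; presumably it comes from conn_login.php — confirm.
	// NOTE(review): if an include already escapes request data, remove one layer to avoid double escaping.
	$textarea=mysql_real_escape_string($_REQUEST['textarea']);
	$main_id=mysql_real_escape_string($id_main);

	$sql="UPDATE `main_user` SET `textarea`='$textarea' where id_self='$main_id'";
	$query = mysql_query($sql);

	echo '{"code":"0001"}';
	exit;

}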
// "My trips": copy the order context from the request into the session and go to the payment page.
// NOTE(review): openid, id_main and id_difang are taken from the request as-is. Other branches of this
// file treat $_SESSION['openid'] as the caller's identity, so this lets the request choose it; the
// values should be checked against the authenticated user before they are stored.
if($bigtype==19){
	$_SESSION['openid']    = $openid    = $_REQUEST['openid'];
	$_SESSION['id_main']   = $id_main   = $_REQUEST['id_main'];
	$_SESSION['id_difang'] = $id_difang = $_REQUEST['id_difang'];

	echo "<SCRIPT>window.location.href='index_pay.php';</SCRIPT>";
}
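// Share reward: credit one point to the current openid and write the matching log rows.
if($bigtype==20){
	// NOTE(review): nothing in this branch limits how often the reward can be requested or checks
	// that a share took place; each call adds a point.
	// $openid and $id_difang come from the session, which other branches fill from request data,
	// so both are escaped before use.
	$reward_openid=mysql_real_escape_string($openid);
	$reward_id_difang=mysql_real_escape_string($id_difang);

	// Record how the point was earned.
	$sql="INSERT INTO `lvbi_huoqv`(`openid`, `huoqv_tujing`, `how_much`, `id_difang`) VALUES ('$reward_openid','分享线路获取','1','$reward_id_difang')";
	$query = mysql_query($sql);
	// Add the point to the account.
	$sql="UPDATE `ecs_users` SET `pay_points`=pay_points+1,`rank_points`=rank_points+1 where openid='".$reward_openid."'";
	$query = mysql_query($sql);


	$openid=$_SESSION['openid']?$_SESSION['openid']:0;
	$user_id=$_SESSION['user_id']?$_SESSION['user_id']:$openid;
	// id_difang is used unquoted in this statement, so it is forced to an integer.
	$biaoti='';
	$sql="select biaoti from `lvyou_difang_info`  where id_difang=".intval($id_difang)." ";
	$query = mysql_query($sql);
	while($row=mysql_fetch_array($query))
	{
		$biaoti=$row['biaoti'];
	}

	// Account log entry. The title read from the database is escaped as well before it is reused in SQL.
	$now_time=time();
	$log_user_id=mysql_real_escape_string($user_id);
	$log_biaoti=mysql_real_escape_string($biaoti);
	$sql="insert into ecs_account_log(`user_id`,`pay_points`,`change_time`,`change_desc`,`change_type`,`user_money`,`frozen_money`,`rank_points`)  values('$log_user_id','1','$now_time','分享路线".$log_biaoti."的链接获得1驴币','99',0,0,1)";
	$query = mysql_query($sql);

	echo '{"code":"0001"}';
	exit;

}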

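// Replace the traveller list of an unpaid order with the ID numbers selected in the POST body.
if($bigtype==21){

	// A missing or non-array idcode field is treated as an empty selection.
	$idcode_list=(isset($_POST['idcode'])&&is_array($_POST['idcode']))?$_POST['idcode']:array();
	// id_main is used unquoted in the DELETE below, so it is forced to an integer.
	$post_id_main=intval($_POST['id_main']);

	// NOTE(review): the order id is stored in the session before anything checks that the order
	// belongs to the current user.
	$_SESSION['id_main']=$post_id_main;

	// Orders that are already paid or cancelled may not be edited.
	$this_id_self=null;
	$is_zhifu=0;
	$sql="select id_self,is_zhifu from main_user where id_self='$post_id_main' ";
	$query = mysql_query($sql);
	while($row = mysql_fetch_array($query)){
		$this_id_self=$row['id_self'];
		$is_zhifu=$row['is_zhifu'];

	}
	if(!$this_id_self)
	{
		echo "<SCRIPT>alert('订单不存在');window.history.go(-1);</SCRIPT>";
		exit;
	}

	if($is_zhifu>0)
	{
		echo "<SCRIPT>alert('订单已支付或已取消无法选择游客');window.history.go(-1);</SCRIPT>";
		exit;
	}

	// $user_id is not assigned in this file; presumably conn_login.php sets it — confirm.
	$owner_id=mysql_real_escape_string($user_id);

	$idcode_into='';
	foreach ($idcode_list as $value) {
		// Ignore nested arrays or other non-scalar entries.
		if(!is_scalar($value))continue;
		$idcode=mysql_real_escape_string((string)$value);

		// Collect the escaped ID numbers for the clean-up DELETE after the loop.
		if($idcode_into)$idcode_into.=",'".$idcode."'";
		else $idcode_into="'".$idcode."'";

		// Is this ID number already attached to the order?
		$sql="select id_fu from fu_user where id='$post_id_main' and idcode='$idcode' ";
		$query = mysql_query($sql);
		$id_fu=0;
		while($row = mysql_fetch_array($query)){
			$id_fu=$row['id_fu'];
		}

		if(!$id_fu &&$user_id){

			// First look for the ID number on the user's own account row.
			$name='';
			$idcode_sql="select real_name,shenfen_ID,mobile_phone,sex from ecs_users where user_id='$owner_id' and shenfen_ID='$idcode' ";
			$idcode_query = mysql_query($idcode_sql);
			while($idcode_row = mysql_fetch_array($idcode_query)){
				$name=$idcode_row['real_name'];
				$phone=$idcode_row['mobile_phone'];
				$choose=$idcode_row['sex'];
			}

			// Otherwise reuse the details from a traveller row the user entered earlier.
			if(!$name)
			{
				$idcode_sql="select  DISTINCT name,phone,idcode,choose from fu_user where user_id='$owner_id' and idcode='$idcode'   order by id_fu limit 1";
				$idcode_query = mysql_query($idcode_sql);
				while($idcode_row=mysql_fetch_array($idcode_query)){
					$name=$idcode_row['name'];
					$phone=$idcode_row['phone'];
					$choose=$idcode_row['choose'];
				}
			}

			// Not on the order yet: insert it. Values read back from the database are escaped too.
			if($name&&$user_id)
			{
				$sql="INSERT INTO `fu_user`(`name`, `phone`, `idcode`, `choose`,`id`,`user_id`) VALUES ('".mysql_real_escape_string($name)."','".mysql_real_escape_string($phone)."','$idcode','".mysql_real_escape_string($choose)."','$post_id_main','$owner_id')";
				$query = mysql_query($sql);
			}

		}

	}
	// Remove travellers of this order that were not selected.
	if($idcode_into)
	{
		$sql="DELETE FROM `fu_user` WHERE id=$post_id_main and   idcode not in ($idcode_into)";
		$query = mysql_query($sql);
	}


	echo "<SCRIPT>window.location.href='index_pay.php';</SCRIPT>";

}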

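/**
 * Send an HTTP request with cURL and return the raw response body.
 *
 * TLS certificate and host-name verification are enabled; the original turned both off, which
 * leaves any https:// call open to interception.
 *
 * @param string       $url    Target URL.
 * @param array|string $params Query parameters (GET) or form fields (POST).
 * @param string       $method 'GET' or 'POST', case-insensitive.
 * @param array        $header Extra request header lines.
 * @param bool         $multi  When true, POST $params are passed to cURL unchanged (file upload).
 * @return string Response body.
 * @throws Exception On an unsupported method or when the transfer fails.
 */
function http($url,  $params, $method = 'GET', $header = array(), $multi = false){
    $opts = array(
            CURLOPT_TIMEOUT        => 30,
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
            CURLOPT_HTTPHEADER     => $header
    );
    /* Method-specific options */
    switch(strtoupper($method)){
        case 'GET':
            // Append with '&' when the URL already carries a query string.
            $separator = (strpos($url, '?') === false) ? '?' : '&';
            $opts[CURLOPT_URL] = $url . $separator . http_build_query($params);
            break;
        case 'POST':
            // Multipart uploads keep the array form; everything else is URL-encoded.
            $params = $multi ? $params : http_build_query($params);
            $opts[CURLOPT_URL] = $url;
            $opts[CURLOPT_POST] = 1;
            $opts[CURLOPT_POSTFIELDS] = $params;
            break;
        default:
            throw new Exception('不支持的请求方式！');
    }
    /* Run the request */
    $ch = curl_init();
    curl_setopt_array($ch, $opts);
    $data  = curl_exec($ch);
    $error = curl_error($ch);
    curl_close($ch);
    // curl_exec() returns false on failure; treat that as an error even if no message was set.
    if($error || $data === false) throw new Exception('请求发生错误：' . $error);
    return  $data;
}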





?>